<?php

    session_start();
    $_SESSION["inad"]=null;

    $posts=$_POST;
    $username= $posts['userName'];
    $password= $posts['userPwd'];

    if ($username && $password){
        $server="localhost";
        $db_name="dhj";
        $db_pwd="dhj2000";
    
        $con=mysqli_connect($server,"dhj","dhj2000",'www_dhj_com');
        // $con = mysqli_connect($server,$db_name,$db_pwd,'www_dhj_com');
        if ($con->connect_error){
            die("can't connect".mysqli_error());
        }

        mysqli_set_charset($con,"utf8");
        
        $sql="select username,password from phpdev where username=? and password=?";
       
        $stmt=mysqli_stmt_init($con);
        if (mysqli_stmt_prepare($stmt,$sql)){
            mysqli_stmt_bind_param($stmt,"ss",$username,$password);
            mysqli_stmt_execute($stmt);
            mysqli_stmt_bind_result($stmt,$re_username,$re_password);
            mysqli_stmt_fetch($stmt);
            
            if ($re_password && $re_username){
                mysqli_stmt_close($stmt);
                mysqli_close($con);
                $_SESSION["inad"]=true;
                header("refresh:0;url=index.php");
                exit;
            }
            else{
                    echo "username or password wrong";
                    echo"
                        <script>setTimeout(function(){window.location.href='login.php';},1000)</script>
                        ";
                }
                }
                else{
                    echo "shuruwancheng";
                    echo"
                        <script>setTimeout(function(){window.location.href='login.php';},1000)</script>
                        ";  
                }
            }
    
?>